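# JSON API endpoints for store staff accounts: a credential check for a
# store's super-administrator (+authenticate+) and a single-record lookup
# (+show+).
class Api::StoreStaffsController < Api::BaseController
  before_action :set_staff, only: [:show]

  # Verifies a super-administrator's credentials for a given store.
  #
  # Reads +login_name+, +password+ and +store_id+ from the request and always
  # renders a JSON object with +status+ (boolean) and +msg+. On success the
  # object also carries the staff member's +store_id+.
  #
  # NOTE(review): the "not a super-administrator" reply differs from the
  # "wrong account or password" reply, so a caller can tell which login names
  # belong to admin accounts. The messages are kept as-is because clients may
  # match on them; consider a single generic failure message.
  # NOTE(review): no throttling or lockout is visible in this controller.
  # Confirm that Api::BaseController or middleware rate-limits this endpoint.
  def authenticate
    # Request parameters are untrusted and may arrive as arrays or nested
    # hashes. Coercing to scalars keeps an array from turning the lookup into
    # an IN (...) query and keeps a non-scalar store_id from raising on #to_i.
    login_name = params[:login_name].to_s
    requested_store_id = params[:store_id].to_s.to_i

    # A missing or blank login name must never select an account, so skip the
    # lookup rather than matching rows with a NULL or empty login_name.
    # NOTE(review): the lookup is not scoped by store and takes the last
    # match. Confirm login_name is unique across stores.
    staff = login_name.empty? ? nil : StoreStaff.where(login_name: login_name).last

    unless staff.present? && staff.try(:admin).present?
      # msg: "please verify with a super-administrator account"
      render json: {status: false, msg: '请使用超级管理员账号进行验证'}
      return
    end

    # An admin of another store gets the same reply as a bad password, so the
    # response does not reveal which store the account belongs to.
    if staff.store_id != requested_store_id
      render json: {status: false, msg: '账号或者密码有误!'}
      return
    end

    # NOTE(review): params[:password] is passed through unchanged. Confirm
    # AuthenticateStafferService rejects nil and non-string values.
    @status = AuthenticateStafferService.call(staff, params[:password])
    if @status.success?
      # msg: "verification passed"
      render json: {status: true, msg: '验证通过!', store_id: staff.store_id}
    else
      # msg: "account or password is incorrect"
      render json: {status: false, msg: '账号或者密码有误!'}
    end
  end

  # Renders the staff record loaded by +set_staff+.
  #
  # NOTE(review): the whole record is handed to +respond_with+. Confirm the
  # serializer omits credential fields such as a password digest.
  def show
    respond_with @staff, location: nil
  end

  private

  # Loads the staff record named by +params[:id]+ into +@staff+.
  #
  # NOTE(review): the lookup is not scoped to the caller's store or identity,
  # and no authorization check is visible here. Confirm Api::BaseController
  # enforces one, otherwise any caller can read any staff record by id.
  def set_staff
    @staff = StoreStaff.find(params[:id])
  end
end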
